<?php

    require_once 'UserType.php';

    class User {

        protected $Username;
        protected $Password;
        protected $UserType;
        protected $Locked;

        public function __construct($username, $password, $usertype, $locked) {
            $this->Username = $username;
            $this->Password = $password;
            if(UserType::Valid($usertype))
                $this->UserType = $usertype;
            else
                throw new Exception('Invalid user type.');
            $this->Locked = $locked;
        }

        public function __get($key) {
            if(property_exists($this, $key)) {
                return $this->{$key};
            }
            else {
                return NULL;
            }
        }

        public function __set($key, $value) {
            throw new Exception('Class is immutable.');
        }

        public static function InsertUser($user) {
            Connection::Connect();
            if($try = User::ReadUser($user->Username) != NULL)
                return $try->Username;

            $sql = mysql_query(
                "
                    INSERT INTO 
                    User (
                            Username, 
                            Password, 
                            UserType
                    ) 
                    VALUES (
                        '$user->Username', 
                        '$user->Password', 
                        '$user->UserType'
                    )
                "
            );
            
            if($sql == FALSE)
                return NULL;

            return $user;
        }

        public static function ReadUser($username) {
            Connection::Connect();
            $sql = mysql_query(
                "
                    SELECT 
                        *
                    FROM 
                        User 
                    WHERE
                        Username = '$username' 
                        AND 
                        Deleted = FALSE
                "
            );
            
            if($sql == NULL)
                return NULL;

            $rows = mysql_num_rows($sql);
            if($rows == 1) {
                while($row = mysql_fetch_assoc($sql))
                {
                    $username = $row['Username'];
                    $password = $row['Password'];
                    $usertype = $row['UserType'];
                    $locked = $row['Locked'];
                    return new User($username, $password, $usertype, $locked);
                }
            }
            
            return NULL;
        }

        public static function UpdateUser($user) {
            Connection::Connect();
            $sql = mysql_query(
                "
                    UPDATE 
                        User 
                    SET 
                        Password = '$user->Password', 
                        UserType = '$user->UserType' 
                    WHERE 
                        Username = '$user->Username' 
                        AND 
                        Deleted = FALSE
                " 
            );
            
            if($sql == FALSE)
                return NULL;
            
            return $user->Username;
        }

        public static function DeleteUser($username) {
            Connection::Connect();
            $sql = mysql_query(
                "
                    UPDATE 
                        User 
                    SET 
                        Deleted = TRUE 
                    WHERE 
                        Username = '$username'
                " 
            );
                
            if($sql == FALSE)
                return FALSE;
            
            return TRUE;
        }

        public static function SearchUser($user) {
            Connection::Connect();
            $where = "WHERE Deleted = FALSE ";
            $conds_present = TRUE;
            if($user->Username != NULL) {
                if($conds_present)
                    $where = $where . "AND ";
                $conds_present = TRUE;
                $where = $where . "Username LIKE '%$user->Username%' ";
            }
            if($user->Password != NULL) {
                if($conds_present)
                    $where = $where . "AND ";
                $conds_present = TRUE;
                $where = $where . "Password LIKE '%$user->Password%' ";
            }
            if($user->UserType != NULL) {
                if($conds_present)
                    $where = $where . "AND ";
                $conds_present = TRUE;
                $where = $where . "UserType = '%$user->UserType%' ";
            }
            if(!$conds_present)
                $where = "";

            $sql = mysql_query(
                "
                    SELECT DISTINCT
                        *
                    FROM 
                        User 
                "
                .
                $where
            );
            
            if($sql == NULL)
                return NULL;

            $items = array();
            while($row = mysql_fetch_assoc($sql))
            {
                $username = $row['Username'];
                $password = $row['Password'];
                $usertype = $row['UserType'];
                $locked = $row['Locked'];
                $items[] = new User($username, $password, $usertype, $locked);
            }
            return items;
        }

        public static function LockUser($username) {
            Connection::Connect();
            $sql = mysql_query(
                    "
                            UPDATE 
                                    User 
                            SET 
                                    Locked = TRUE 
                            WHERE 
                                    Username = '$username'
                    " 
            );
            
            if($sql == FALSE)
                return FALSE;
            
            return TRUE;            
        }

        public static function UnlockUser($username) {
            Connection::Connect();
            $sql = mysql_query(
                "
                    UPDATE 
                        User 
                    SET 
                        Locked = FALSE 
                    WHERE 
                        Username = '$username'
                " 
            );
            
            if($sql == FALSE)
                return FALSE;
            
            return TRUE;
        }

    }

?>